Slashdot Mirror
Software Choice Group Tells DOD Not to Use Open Source
ducomputergeek writes "A group calling themselves the Initiative for Software Choice, backed by Microsoft and others, is recommending that the DOD drop plans for further adoption of Open Source software. This comes after MITRE, a defense contractor, published a report stating that not only does the Department of Defense use opensource, but is recommend on using it more. The article is at News.com and you can read it here."
This would be the Henry Ford definition of choice then? "You can choose any supplier you like, so long as it's us."
This is my World Wide Web of Whatever
"Not inherently less secure" is a strange way of advocating your position. Double-negatives like this usually betray a defensive mind set. Why didn't they have the conviction to say "we're *more* secure"?
Ryan T. Sammartino
"Ancora imparo"
Well I'm sure the DoD remember their dead microsoft NT sub. The radar which doesn't work etc. The missing nukes because of SQL server? Microsofts admission and then retraction.. it is all documented out there..
A quick search of slashdot digs up this:
navy unhappy with microsoft
Even the average man in the street thinks of windows as less secure. I can't believe something like this would really fool people...
Indeed it does. The beauty of this is that every time a piece of FUD like this arrives, it adds mindshare of OpenSource to the equation.
It's like the old Monty Python sketch when in the cockpit of a plane John Cleese takes the microphone and informs the passenger that "There is no cause for alarm". When asked why he did that claiming the passengers now have to ponder "What is there no cause for alarm For!
This junk by MS almost ensures an invite for OpenSource to the party.
Help fight continental drift.
Oh I totally agree. I'm all for OSS getting an equal share of the limelight with others, even Microsoft. Personally I think on an even playing field, OSS has way more pros than cons as opposed to more proprietary solutions. However the OSS community also has to realize that all they can do is showcase themselves as best they can. If an individual/company/organization/whatever decides they want Microsoft products (as an example) then that's their decision. Hopefully they've made an informed one, but if they have then they've chosen what's best for them. OSS shouldn't take that as a slap to the face, they don't have to win EVERY battle.
"I'm a leaf on the wind. Watch how I soar."
-Hoban Washburn
The first thing it told me was, "You can introduce hostile code into your network by opening an E-Mail" and therefore intructs you not to open E-Mail from anyone you don't know. They go on to say that you can also compromise the company's security by reading your Yahoo or Hotmail mail at work. Later in the course it instructs you to keep your system up to date by installing the latest Microsoft security patches, which is ironic because a co-worker just trashed his system by installing a Microsoft security patch and is looking at 3 days downtime while the technicians reinstall the OS (Technicians have an 8 hour response time and due to the holiday they were pretty close to that time. They took his computer away but they won't be able to deliver it on Friday because no one's going to be there.)
Great. So we know we have a problem but instead of taking steps to solve the underlying problem, we're just going to tell everyone in the company to modify their behavior because if they don't, the company's network and billions of dollars of assets will be compromised. Does anyone else see a problem with this?
Frankly, with the company's assets at stake, it would be a damn good idea to roll your own client code just so you can audit the source code. I did some auditing with Data General for a while and they had it right. Every auditing test was extremely well documented and available on the network, along with the automated code generated to test each function (In the C Library in this case.) But if rolling your own clients makes sense, you could save yourself a lot of time and money by grabbing open source projects for the applicaitons you need and feeding those to your audit and programming teams. You save some money and the open source community gets free high quality auditing of their source code and any additional features you decide to add to it. Everyone wins.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Open source software, the way it is marketed is perfect for DoD work simply because the software itself is tweakable. The IT people in govement departmenrs have a large degree of control over how software is used should they choose open source; they are not as reliant on MS's vision of how their software is used, nor should they be.
Should open source be required? I used to say yes, but then I realize, that is not choice. So of course no, but then neither should closed source be. It all comes down to what it will do for you. On one hand you get a product that MS does not warrent for any particular purpose, nor allow themselves to be held liable for any such use, versus a software product that does the same thing but at least allows the purchaser to to alter the code to suit their own preference, but retaining the decision as to whether to distribute it, under some liberal conditions.
Dawn of the Dead
Bruce
Bruce Perens.
As we have seen with Microsoft's efforts to complicate other formats, the best way of wnsuring this is to demand source code. If Microsoft doesn't like it, well there is always OSS.
See my journal, I write things there